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DETAILED ACTION 

1. Applicant's Pre-Appeal Conference Request filed on August 1, 2007 has 
been carefully considered by a Pre-Appeal Conference. The conferees agreed that the 
references do not generating a destination port bit map based on the destination 
address information. Thus the finality of the Office Action mailed on May 29, 2007 is 
now withdrawn. Claims 1-24 are pending. 

2. Applicant's response filed on August 1, 2007 has been carefully 
considered. Claims 1-24 are pending. 



Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

4. Claims 1, 3-5, 7, 10-12, 14-16, 18, 23-24 are rejected under 35 
U.S.C. 102(e) as being anticipated by Battle et al. (U.S. Patent No. 7,136,381 B2), 
hereinafter "Battle". 
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Referring to claim 1 : 
Battle teaches: 

A method of providing physical port security in a digital communication 
system, comprising: 

receiving a frame of digital data at a network device (see column 4, lines 
62-67; and column 5, line 16-column 7, line 43 of Battle); 

generating a destination port bit map [i.e., egress port table] based on the 
destination address information contained in said frame of digital data (see column 4, 
lines 62-67; and column 5, line 16-column 7, line 43, [i.e., the port bit map is generated 
based on the packet's Opcode, the destination port ID, the destination module ID, and a 
corresponding entry in a table], of Battle, emphasis added); 

comparing said destination port bit map with a physical port security bit 
map to generate a bit map of allowed destination ports, wherein said physical port 
security bit map [i.e., vanPORTBITMAP] is generated based on information in said 
received frame of digital data (see e.g. figure 6, element 'Does any port in 
vanPORTBITMAP belong to a trunk group in the trunk table', element 'Calculate the 
HASH using the DA [i.e., destination address] and SA [i.e., source near address] in the 
packet'; and column 6, lines 12-30, particular note 'RTAG 2 RTAG identifies the trunk 
selection criteria for this trunk group 0: based on DA [i.e., destination address] + SA 
[i.e., source address]', of Battle, emphasis added); and 

forwarding said frame of digital data to one or more of said allowed 
destination ports (see column 6, lines 12-19 The Trunk Group Table is used to derive 
the egress port when a packet has to go out on a trunk port', of Battle). 
Referring to claims 7, 18 : 

Battle teaches the claimed subject matter: a method of providing physical 
port security in a digital communication system (see claim 1 above). Battle further 
discloses the router (see column 1, line 41 of Battle). 
Referring to claim 10 : 
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Battle teaches the claimed subject matter: a method of providing physical 
port security in a digital communication system (see claim 1 above). Battle further 
discloses the process (see column 2, line 60 of Battle). 
Referring to claim 1 1 : 

Battle teaches the claimed subject matter: a method of providing physical 
port security in a digital communication system (see claim 1 above). Battle further 
discloses that the bit map is generated dynamically (see column 5, lines 48-55 of 
Battle). 

Referring to claims 3-5, 14-16, 23 : 

Battle teaches the claimed subject matter: a method of providing physical 
port security in a digital communication system (see claim 1 above). Battle further 
discloses the source address and the destination address of the digital data frame (see 
column 1 , lines 43-49 of Battle). 
Referring to claim 12 : 
Battle teaches: 

A system for providing physical port security, comprising: 
At least one processor within a network device, said network device 
having a communication port for receiving digital data from a digital communications 
system and two or more physical data ports for forwarding said digital data, said at least 
one of processor enables (see column 4, lines 62-67; and column 5, line 16-column 7, 
line 43 of Battle): 

Generation of a destination port bit map based on destination address 
information contained in said received digital data (see column 4, lines 62-67; and 
column 5, line 16-column 7, line 43, [i.e., the port bit map is generated based on the 
packet's Opcode, the destination port ID, the destination module ID, and a 
corresponding entry in a table], of Battle, emphasis added); 

Comparing of said destination port bit map within a physical port security 
bit map to generate a bit map of allowed destination ports, wherein said physical port 
security bit map is generated based on information within said received digital data (see 
e.g. figure 6, element 'Does any port in var:PORTBITMAP belong to a trunk group in 
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the trunk table', element 'Calculate the HASH using the DA [i.e., destination address] 
and SA [i.e., source near address] in the packet'; and column 6, lines 12-30, particular 
note 'RTAG 2 RTAG identifies the trunk selection criteria for this trunk group 0: 
based on DA [i.e., destination address] + SA [i.e., source address]', of Battle, emphasis 

* 

added); and 

Forwarding of said digital data to one or more of said allowed destination 
ports (see column 6, lines 12-19 The Trunk Group Table is used to derive the egress 
port when a packet has to go out on a trunk port', of Battle). 
Referring to claims 24 : 

Battle teaches the claimed subject matter: an intermediate network 
device (see claim 12 above). Battle further discloses that the bit map is dynamically 
altered based on a variable parameter (see column 5, lines 48-55 of Battle). 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

6. Claims 2, 6, 8-9, 13, 17, 19-22 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Battle et al. (U.S. Patent No. 7,136,381 B2) in view of Wieget 
(U.S. Patent No. 6,484,261 B1). 



Referring to claims 6, 17, 22 : 
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Battle teaches the claimed subject matter: a method of providing physical 
port security in a digital communication system, (see claim 1 above). However, Battle 
does not specifically mention the IP address. 

ii. Wieget teaches a graphical network security policy management 
wherein Wieget discloses the IP address (see column 2, lines 14 of Wieget). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Wieget into the method of 
Battle to use IP address. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Wieget into the system of Battle to the IP address, because 
Battle teaches using the information provided in a packet to generate a port bitmap (see 
column 5, lines 48-55 of Battle). And IP address is the information contained in the 
packet. Therefore, Wieget's teaching could enhance Battle's system. 

Referring to claims 2, 13 : 

Battle and Wieget teach . the claimed subject matter: a method of 
providing physical port security in a digital communication system (see claim 1 above). 
They further disclose the logical AND (see column 18, line 7 of Wieget). 
Referring to claim 21 : 

Battle and Wieget teach the claimed subject matter: an intermediate 
network device (see claim 12 above). They further disclose the IP data (see column 2, 
lines 14 of Wieget). 

Referring to claims 9, 20 : 

» 

Battle and Wieget teach the claimed subject matter: an intermediate 
network device (see claim 12 above). They further disclose the local area network (see 
column 10, line 52-55 of Wieget) 
Referring to claims 8, 19 : 

Battle and Wieget teach the claimed subject matter: an intermediate 
network device (see claim 12 above). They further disclose the network file server (see 
column 10, line 52-55 of Wieget). 
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Response to Arguments 

7. Applicant's arguments, filed on August 1, 2007, have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made. 



Conclusion 

8. The prior art made of record and not relied upon is considered pertinent 
to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Joseph Pan whose telephone number is 571-272- 
5987. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone 
numbers for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 571- 



272-2100. 



Joseph Pan 
October 10, 2007 




